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1 . A method for on-demand management of Internet Protocol (IP) address pools, the 
method comprising: 

allocating an unused IP address from a local IP address pool designated for a remote 
domain if a request to connect to said remote domain is received, said local IP 
address pool comprising one or more of at least one subnet obtained from a 
global IP address pool, each of said at least one subnet specifying a contiguous 
set of one or more IP addresses; 

deallocating an EP address back to said local IP address pool if said IP address is 
unused; and 

apportioning one or more of said at least one subnet between said global IP address 
pool and said local IP address pool based upon utilization of said local IP address 
pool. 

2. The method of claim 1 , further comprising configuring said local IP address pool with 
a subnet from said at least one subnet. 

3. The method of claim 1 wherein said apportioning comprises: 

requesting one or more subnet from said global IP address pool if utilization of said 

local IP address pool exceeds a first threshold; and 
releasing one or more subnet to said global IP address pool if utilization of said local 

IP address pool falls below a second threshold. 
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4. The method of claim 3 wherein said apportioning further comprises polling said local 
IP address pool at predetermined intervals to obtain local IP address pool utilization 
information. 



5. The method of claim 3 wherein 

said requesting further comprises requesting a subnet having first predetermined 

number of IP addresses; and 
said releasing further comprises releasing a subnet having a second predetermined 

number of IP addresses. 



6. The method of claim 3 wherein 

said requesting further comprises requesting a subnet having a size that is relative to a 

current subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

current subnet size. 



7. The method of claim 3 wherein 

said requesting further comprises requesting a subnet having a size that is relative to 

an initial subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

initial subnet size. 
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8. The method of claim 3 wherein 

said requesting further comprises requesting a subnet having a size that is relative to a 

current subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

current subnet size. 

9. The method of claim 3 wherein said releasing further comprises removing the 
summarized route for said one or more subnet from a routing table associated with 
said local IP address pool. 

10. The method of claim 8 wherein said method further comprises inserting a route 
summary for said requested one or more subnet if said requested one or more subnet 
is received. 

11. The method of claim 8 wherein said method further comprises: 

inserting a route summary for a received one or more subnet and requesting one or 
more subnet if the size of said received one or more subnet is less than the size of 
said requested one or more subnet; 

inserting a route summary for said received one or more subnet if the size of said 
received one or more subnet equals the size of said requested one or more subnet; 

inserting a route summary for said received one or more subnet if the size of said 
received one or more subnet is greater than the size of said requested one or more 
subnet and if the resulting local IP address pool utilization falls below said 
second threshold; and 
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rejecting said received one or more subnet and requesting one or more subnet if the 
size of said received one or more subnet is greater than the size of said requested 
one or more subnet and if the resulting local IP address pool utilization does not 
fall below said second threshold. 

12. The method of claim 1 wherein said remote domain comprises a virtual private 
network (remote domain). 

1 3. A program storage device readable by a machine, embodying a program of 
instructions executable by the machine to perform a method for on-demand 
management of Internet Protocol (IP) address pools, the method comprising: 
allocating an unused IP address from a local IP address pool designated for a remote 

domain if a request to connect to said remote domain is received, said local IP 
address pool comprising one or more of at least one subnet obtained from a 
global IP address pool, each of said at least one subnet specifying a contiguous 
set of one or more IP addresses; 
deallocating an IP address back to said local EP address pool if said IP address is 
unused; and 

apportioning one or more of said at least one subnet between said global IP address 
pool and said local IP address pool based upon utilization of said local IP address 
pool 
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14. The program storage device of claim 13, said method further comprising configuring 
said local IP address pool with a subnet from said at least one subnet. 

15. The program storage device of claim 13 wherein said apportioning comprises: 
requesting one or more subnet from said global IP address pool if utilization of said 

local IP address pool exceeds a first threshold; and 
releasing one or more subnet to said global EP address pool if utilization of said local 
IP address pool falls below a second threshold. 



16. The program storage device of claim 15 wherein said apportioning further comprises 
polling said local IP address pool at predetermined intervals to obtain local IP address 
pool utilization information. 



17. The program storage device of claim 15 wherein 

said requesting further comprises requesting a subnet having first predetermined 

number of IP addresses; and 
said releasing further comprises releasing a subnet having a second predetermined 

number of IP addresses. 



18. The program storage device of claim 15 wherein 

said requesting further comprises requesting a subnet having a size that is relative to a 

current subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

current subnet size. 
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19. The program storage device of claim 15 wherein 

said requesting further comprises requesting a subnet having a size that is relative to 

an initial subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

initial subnet size. 



20. The program storage device of claim 15 wherein 

said requesting further comprises requesting a subnet having a size that is relative to a 

current subnet size; and 
said releasing further comprises releasing a subnet having a size that is relative to said 

current subnet size. 



2 1 . The program storage device of claim 1 5 wherein said releasing further comprises 
removing the summarized route for said one or more subnet from a routing table 
associated with said local IP address pool. 

22. The program storage device of claim 20 wherein said method further comprises 
inserting a route summary for said requested one or more subnet if said requested one 
or more subnet is received. 



23. The program storage device of claim 20 wherein said method further comprises: 
inserting a route summary for a received one or more subnet and requesting one or 
more subnet if the size of said received one or more subnet is less than the size of 
said requested one or more subnet; 
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inserting a route summary for said received one or more subnet if the size of said 
received one or more subnet equals the size of said requested one or more subnet; 

inserting a route summary for said received one or more subnet if the size of said 
received one or more subnet is greater than the size of said requested one or more 
subnet and if the resulting local IP address pool utilization falls below said 
second threshold; and 

rejecting said received one or more subnet and requesting one or more subnet if the 
size of said received one or more subnet is greater than the size of said requested 
one or more subnet and if the resulting local IP address pool utilization does not 
fall below said second threshold. 

24. The program storage device of claim 13 wherein said remote domain comprises a 
virtual private network (remote domain). 

25. An apparatus for on-demand management of Internet Protocol (IP) address pools, the 
apparatus comprising: 

means for allocating an unused IP address from a local EP address pool designated for 
a remote domain if a request to connect to said remote domain is received, said 
local EP address pool comprising one or more of at least one subnet obtained 
from a global IP address pool, each of said at least one subnet specifying a 
contiguous set of one or more IP addresses; 

means for deallocating an EP address back to said local IP address pool if said IP 
address is unused; and 
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means for apportioning one or more of said at least one subnet between said global IP 
address pool and said local IP address pool based upon utilization of said local IP 
address pool. 

26. The apparatus of claim 25, further comprising means for configuring said local IP 
address pool with a subnet from said at least one subnet. 

27. The apparatus of claim 25 wherein said means for apportioning comprises: 
means for requesting one or more subnet from said global IP address pool if 

utilization of said local IP address pool exceeds a first threshold; and 
means for releasing one or more subnet to said global IP address pool if utilization of 
said local IP address pool falls below a second threshold. 

28. The apparatus of claim 27 wherein said means for apportioning further comprises 
means for polling said local IP address pool at predetermined intervals to obtain local 
IP address pool utilization information. 

29. The apparatus of claim 27 wherein 

said means for requesting further comprises means for requesting a subnet having 

first predetermined number of IP addresses; and 
said means for releasing further comprises means for releasing a subnet having a 

second predetermined number of IP addresses. 
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30. The apparatus of claim 27 wherein 

said means for requesting further comprises means for requesting a subnet having a 

size that is relative to a current subnet size; and 
said means for releasing further comprises means for releasing a subnet having a size 

that is relative to said current subnet size. 

3 1 . The apparatus of claim 27 wherein 

said means for requesting further comprises means for requesting a subnet having a 

size that is relative to an initial subnet size; and 
said means for releasing further comprises means for releasing a subnet having a size 

that is relative to said initial subnet size. 

32. The apparatus of claim 27 wherein 

said means for requesting further comprises means for requesting a subnet having a 

size that is relative to a current subnet size; and 
said means for releasing further comprises means for releasing a subnet having a size 

that is relative to said current subnet size. 

33. The apparatus of claim 27 wherein said means for releasing further comprises means 
for removing the summarized route for said one or more subnet from a routing table 
associated with said local IP address pool. 
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34. The apparatus of claim 32 wherein said apparatus further comprises means for 
inserting a route summary for said requested one or more subnet if said requested one 
or more subnet is received. 

35. The apparatus of claim 32 wherein said apparatus further comprises; 

means for inserting a route summary for a received one or more subnet and means for 

requesting one or more subnet if the size of said received one or more subnet is 

less than the size of said requested one or more subnet; 
means for inserting a route summary for said received one or more subnet if the size 

of said received one or more subnet equals the size of said requested one or more 

subnet; 

means for inserting a route summary for said received one or more subnet if the size 
of said received one or more subnet is greater than the size of said requested one 
or more subnet and if the resulting local IP address pool utilization falls below 
said second threshold; and 

means for rejecting said received one or more subnet and means for requesting one or 
more subnet if the size of said received one or more subnet is greater than the 
size of said requested one or more subnet and if the resulting local EP address 
pool utilization does not fall below said second threshold. 

36. The apparatus of claim 25 wherein said remote domain comprises a virtual private 
network (remote domain). 
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37. An apparatus for on-demand management of Internet Protocol (EP) address pools, the 
apparatus comprising: 

an allocator to allocate an unused IP address from a local IP address pool designated 
for a remote domain if a request to connect to said remote domain is received, 
said local IP address pool comprising one or more of at least one subnet obtained 
from a global IP address pool, each of said at least one subnet specifying a 
contiguous set of one or more IP addresses, said allocator coupled to said local IP 
address pool; 

a deallocator to deallocate an IP address back to said local IP address pool if said IP 
address is unused, said deallocator coupled to said local IP address pool; and 

a monitor to apportion one or more of said at least one subnet between said global IP 
address pool and said local IP address pool based upon utilization of said local DP 
address pool, said monitor coupled to said local IP address pool and a global IP 
address pool interface. 

38. The apparatus of claim 37, further comprising an IP address configurer to configure 
said local IP address pool with a subnet from said at least one subnet. 

39. The apparatus of claim 37 wherein said monitor comprises: 

a utilization assessor to assess utilization of said local IP address pool, said utilization 

assessor coupled to said local IP address pool; 
a subnet requestor to request a subnet from said global IP address pool if utilization of 

said local IP address pool exceeds a first threshold; 
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a subnet receiver to receive said requested subnet and to forward said requested 

subnet to said local IP address pool, said subnet receiver coupled to said local IP 
address pool and said global IP address pool interface; and 

a subnet returner to return a subnet to said local IP address pool if said utilization 
assessor indicates utilization of said local IP address pool is below a second 
threshold, said subnet returner coupled to said local IP address pool and said 
global IP address pool interface. 

40. The apparatus of claim 39 wherein said utilization assessor is further configured to 
poll said local IP address pool at predetermined intervals to obtain local IP address 
pool utilization information. 

41. The apparatus of claim 39 wherein 

said subnet requestor is further configured to request a subnet having first 

predetermined number of IP addresses; and 
said subnet returner is further configured to release a subnet having a second 

predetermined number of IP addresses. 

42. The apparatus of claim 39 wherein 

said subnet requestor is further configured to request a subnet having a size that is 

relative to a current subnet size; and 
said subnet returner is further configured to release a subnet having a size that is 

relative to said current subnet size. 
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43. The apparatus of claim 39 wherein 

said subnet requestor is further configured to request a subnet having a size that is 

relative to an initial subnet size; and 
said subnet returner is further configured to release a subnet having a size that is 

relative to said initial subnet size. 



44. The apparatus of claim 39 wherein 

said subnet requestor is further configured to request a subnet having a size that is 

relative to a current subnet size; and 
said subnet returner is further configured to release a subnet having a size that is 

relative to said current subnet size. 



45. The apparatus of claim 39 wherein said subnet returner is further configured to 
remove the summarized route for said one or more subnet from a routing table 
associated with said local IP address pool. 

46. The apparatus of claim 44 wherein said subnet receiver is further configured to insert 
a route summary for said requested one or more subnet if said requested one or more 
subnet is received. 



47. The apparatus of claim 44 wherein said subnet receiver is further configured to: 
insert a route summary for a received one or more subnet and requesting one or more 
subnet if the size of said received one or more subnet is less than the size of said 
requested one or more subnet; 
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insert a route summary for said received one or more subnet if the size of said 

received one or more subnet equals the size of said requested one or more subnet; 

insert a route summary for said received one or more subnet if the size of said 

received one or more subnet is greater than the size of said requested one or more 
subnet and if the resulting local IP address pool utilization falls below said 
second threshold; and 

reject said received one or more subnet and requesting one or more subnet if the size 
of said received one or more subnet is greater than the size of said requested one 
or more subnet and if the resulting local IP address pool utilization does not fall 
below said second threshold. 

48. The apparatus of claim 37 wherein said remote domain comprises a virtual private 
network (remote domain). 

49. The apparatus of claim 37 wherein 

said global IP address pool comprises an Authentication, Authorization and 

Accounting (AAA) server; and 
said global IP address interface comprises an AAA proxy configured to communicate 

with said AAA server using the RADIUS protocol. 

50. The apparatus of claim 37 wherein 

said global IP address pool comprises a Dynamic Host Configuration Protocol 
(DHCP) server; and 
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said global IP address interface comprises a Ring Access Controller (RAC) client 
configured to communicate with said DHCP server using the DHCP protocol. 
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